• PDF / 492,688 Bytes
• 17 Pages / 430 x 660 pts Page_size
• 30 Downloads / 168 Views

DOWNLOAD

REPORT

Department of Electrical Engineering National Taiwan University No. 1, Sec. 4, Roosevelt Rd., Taipei, Taiwan 106, R.O.C. [email protected], [email protected] 2 Department of Information Management Shih Hsin University No. 1, Lane17, Sec. 1, Mu-Cha Rd., Taipei, Taiwan 116, R.O.C. [email protected]

Abstract. In a ubiquitous computing environment, a person can use various intelligent devices to obtain his desired services at any time and any place. For convenience, most of these devices are small and of limited power and computation capacity. Therefore, an admired scheme should take these into consideration. In 2006, Lin et al. proposed a lightweight authentication scheme only using one-way hash function. However, their scheme is vulnerable to the several security threats. It is the germination of our idea. In this paper, we only require one-way hash function, exclusive OR operation, a smart card, and a memorial password to construct a simple and efficient key exchange scheme to withstand the most known security threats. We also take several merits into our scheme. First, the friendliness and fairness of a user are considered. The user can freely select her/his identity and password for registration and employ the used identity to register repeatedly when the smart card has lost. Second, a user does not need to worry about the damage of the smart card loss problem even if the content of the smart card has been extracted. Our scheme can take care hard security threats and efficient at the same time. Since our scheme does not require any symmetric and asymmetric cryptosystems, the communication and computation cost is very low. Therefore, our scheme is suitable to be applied in ubiquitous computing environments. Keywords: authentication, hash function, key exchange, password, smart card.

1

Introduction

In a ubiquitous computing environment, each user can use many mobile devices to obtain his service at any time and any place without knowing how to use these devices [18]. These devices could have a low communication and computation capability. When a user wants to get a permitted service from a server, 

Corresponding author.

M. Denko et al. (Eds.): EUC Workshops 2007, LNCS 4809, pp. 728–744, 2007. c IFIP International Federation for Information Processing 2007 

A Simple and Efficient Key Exchange Scheme

729

authentication and key exchange are basic mechanisms due to that the public networks are teem with many uncertainties and security threats are to come out one after the other. In the previous authenticated key exchange schemes, asymmetric cryptosystems such as the Diffie-Hellman [8], ElGamal [11], and RSA [27] schemes are often adopted. However, in those schemes [7,26], the computational complexity and the storage cost are burden. For mulching the implementation easy and enhancing the performance, many authenticated key exchange schemes were proposed [15,17] by employing symmetric cryptosystems such as DES [10] and AES [1], a memorial password, a one-way hash function [3] and a smart card [21]. How

Recommend Documents

Smart Card

171 115 5MB

Efficient Key Management Scheme for SCADA System

204 35 29MB

A Secure and Efficient Smart Contract Execution Scheme

199 25 19MB

An Efficient Password-Only Two-Server Authenticated Key Exchange System

175 23 486KB

Computationally-Efficient Password Authenticated Key Exchange Based on Quadratic Residues

159 56 451KB

Smart and simple

188 19 1MB

Smart Card Standards and Industry Initiatives

161 70 24MB

Efficient Identity-Based Signature Authentication Scheme for Smart Home System

195 5 61MB

An Efficient Privacy Scheme Based on Smart Multimedia Devices

195 31 63MB

A Simple and Efficient Higher Order Finite Element Scheme for Helmholtz Waveguides

140 44 350KB

An Efficient and Secure User Authentication Protocol for Smart Card Users

166 86 23MB

An Improvement of Encrypted Remote User Authentication Scheme by Using Smart Card

158 16 209KB